DETAILED ACTION 
Response to Amendment 

1. Applicant's amendments with respect to claims 1 - 21 filed 27 March 2006 have been 
fully considered but they are not persuasive. Amendments to claims have been accepted. 
Objections to some claims have not been duly overcome, therefore the objections stand. 

Response to Arguments 

2. Applicant's arguments with respect to claims 1 - 21 have been considered but are not 
persuasive. 

3. In response to applicant's argument that the references fail to show certain features of 
applicant's invention, it is noted that the features upon which applicant relies (i.e., encrypting a 
data element by the verifier and decrypting it by the prover and authenticating the prover or the 
verifier using a symmetrical cryptographic scheme) are not recited in the rejected claim(s). 
Although the claims are interpreted in light of the specification, limitations from the specification 
are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 
1993). 

With regard to applicant's assertion that claim 1 recites encrypting a data element by the 
verifier and decrypting it by the prover, while Hopkins teaches the opposite. Claim 1, step a) 
recites transmission of data in either direction which makes Hopkins relevant since the claim 
does not limit transmission to a single direction. Additionally, in claim 1, steps f) - i) do not 
disclose a symmetric cryptographic scheme therefore, this limitation cannot be read into the 
claim. 

As for applicant's argument that the data elements exchanged between the prover and 
the verifier are communicated in encrypted form as in Claim 1. While step d) of the claim 
provides for encryption, step a) of the same claim sends data in unencrypted form. Since 
information is sent both in unencrypted and encrypted forms, a single limitation cannot be read 
into the claim. 

Claim Objections 

4. Claims 1 and 20 are objected to because of the following informalities: 

• Claim 1, step i) recites "verifying unit in dependence..." where it should state 
-- verifying unit is dependent 

• Claim 20 recites "G./ as opposed to Gi --. 

The above citations are exemplary and applicant is required to make appropriate 
corrections throughout the entire application. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

5. Claims 1 - 6, 13 - 16 and 21 are rejected under 35 U.S.C. 102(b) as being anticipated 
by Hopkins in US Patent 5,757,918 (hereinafter US '918). 

6. As it relates to claim 1, US '918 teaches: 

A method for authenticating a data set between a proving unit and a verifying unit, which 
comprises the steps of (see US '918: Abstract): 

a) communicating the data set from one of the proving and verifying units to a respective other 
of the proving and verifying units such that the data set is in an unencrypted form to both the 
proving and verifying units after completing step a) (see US '918: column 3, lines 13-14); 

b) generating at least one data element in the verifying unit (see US '918: column 3, line 26) ; 

c) using the verifying unit to encrypt the data element in a first cryptographic encryption method 
using a public key of the proving unit resulting in at least one encrypted data element, and the 
public key is known to the verifying unit (see US '918: column 4, lines 39 - 40); 

d) communicating the encrypted data element from the verifying unit to the proving unit (see US 
'918: column 4, lines 42 - 44); 

e) using the proving unit to decrypt the encrypted data element in a first decryption method, 
assigned to the first cryptographic encryption method, using a private key known only to the 
proving unit (see US '918: column 3, lines 27 - 28); 

f) using the proving unit to calculate, from the data set to be authenticated, in a second 
cryptographic method, an authenticator dependent on the data element (see US '918: column 3, 
lines 25 -30); 

g) communicating the authenticator from the proving unit to the verifying unit (see US '918: 
column 3, lines 25 - 30); 

h) using the verifying unit to check the authenticator with an aid of an authentication checking 
algorithm, assigned to the second cryptographic method using the data element and the data 
set (see US '918: column 3, lines 31 - 33); and 

i) accepting the data set as communicated by the proving unit to the verifying unit in 
dependence on a result of the check performed in step h) (see US '918: column 3, lines 34 - 
37). 

For claim 2, US '918 teaches: 
The method according to claim 1, which further comprises during the step a), using the proving 
unit to communicate the data set in unencrypted form to the verifying unit (see US '918: column 
3, lines 13-14). 

For claim 3, US '918 teaches: 
The method according to claim 1, which further comprises using the verifying unit to generate 
the data set as a random element and subsequently, in the step a), communicating the data set 
to the proving unit (see US '918: column 3, lines 13-14). 

For claim 4, US '918 teaches: 
The method according to claim 1, which further comprises during the step h): 
forming the authentication checking algorithm to be substantially identical to the second 
cryptographic method for authenticator generation; 

applying the authentication checking algorithm by the verifying unit to the data element and the 
data set for forming a reference authenticator; and 

comparing the reference authenticator with the authenticator (see US '918: column 3, lines 31 - 
33, 54 - 60 and column 4, lines 39 - 40). 

As for claim 5, US '918 teaches: 
The method according to claim 1, which further comprises during the step h): 
forming the authentication checking algorithm with a decryption method corresponding to the 
second cryptographic method for generating the authenticator for an associated encryption 
method; 

applying the authentication checking algorithm by the verifying unit to the authenticator by 
decryption for forming a reference data element and a reference data set; and 
comparing the reference data element and the reference data set with the data element and the 
data set (see US '918: column 3, lines 54 -60 and column 4, lines 39 - 40). 

As for claim 6, US '918 teaches: 
The method according to claim 1, which further comprises: 
repeating steps b), c), d) and e) for generating at least one further data element before 
performing the step f); and 

using the proving unit to encrypt the data set to be authenticated in step f) in a manner 
dependent on the data element and the further data element to form the authenticator (see US 
'918 column 2, lines 46 - 48 and column 4, lines 42 - 44). 

As for claim 13, US '918 discloses: 
The method according to claim 1, which further comprises performing the following steps before 
performing step b): 

using the proving unit to communicate the public key with a certificate of a trust center; 
using the verifying unit to check a validity of the public key of the proving unit using a 
certification method; and 

using the verifying unit to continue the communication with the proving unit in a manner 
dependent on a result of the check (see US '918: column 2, line 56 - column 3, lines 1 - 5). 

For claim 14, US '918 teaches: 
The method according to claim 1, which further comprises: 
forming the proving unit as an integrated circuit on a smart card; and 
forming the verifying unit as a smart card terminal (see US '918: column 2, lines 27 - 29). 

As for claim 15, US '918 teaches: 
The method according to claim 1, which further comprises forming the proving unit as an 
integrated circuit in an identification/authentication token which is fixedly connected to a non- 
localized object (see US '918: column 4, lines 58 - 66). 

As for claim 16 and 21, US '918 teaches: 
The methods according to claims 14 and 15 respectively, which further comprises performing 
the communication between the proving unit and the verifying unit contactlessly (see US '918: 
column 2, lines 32 -36). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 7-12 and 17-20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Hopkins (US Patent 5,757,918) in view of Miyaji et al. in US Patent 5,272,755. 

8. Regarding claims 7 and 8, Hopkins discloses: 

carrying out the first cryptographic encryption method and the first decryption method (see US 
'918: column 3, lines 31 - 33, 54 - 60 and column 4, lines 39 - 40) 
but does not show 

using discrete exponentiation in a semigroup or using an algorithm based on elliptical curves (as 
in claims 7 and 8 respectively). 

Miyaji et al. however does disclose using discrete exponentiation in a semigroup (see 
US '755: column 12, line 28) and using an algorithm based on elliptical curves (see US '755: 
column 15, lines 7-22). 

For claims 7 and 8, it would be obvious to one of ordinary skill in the art at the time of the 
invention to modify the methods of Hopkins and Miyaji et al. as they both use features of secure 
data communication within the same field of endeavor (positively identifying and communicating 
data between authorized parties) and with the same problem sought to be solved (reducing the 
costs and the technical implementation outlay in the authentication of data). 

As for claims 9 and 17, Hopkins discloses: 
performing the first cryptographic encryption method using the verifying unit, 

using the verifying unit to calculate an element, 

using the verifying unit to calculate from the public key, and 

using the verifying unit to encrypt the at least one data element, 

but does not teach 

[generating] a number t ∈ T, where T is a subrange of integers; 
or 

[calculating] element h^f(t) ∈ H, where f : T → T is a mapping into a subrange T of the integers, 
which is not necessarily different from T, H represents a multiplicatively written semigroup 
generated by element h, with a discrete exponentiation of a base h as a one-way function in the 
semigroup H; 
or 

[calculating] k_pub = h^f(d) ∈ H, element π(k_pub^f(t)) ∈ G, where π : H → G specifies a mapping of the 
semigroup H into a group G, d = k_priv ∈ T is the private key which is accessible only to the 
proving unit, and a mapping t → h^f(t) → π(k^f(t)) from the subrange of the integers T to the group 
G represents a one-way function; and 
or 

[encrypting] z, by a combination with respect to the encrypted data element, z' = z ∘ π(k_pub^f(t)) ∈ 
G. 

Miyaji et al. however does show 
[generating] a number t ∈ T, where T is a subrange of integers; 

using the verifying unit to calculate, element h^f(t) ∈ H, where f : T → T is a mapping into a 
subrange T of the integers, which is not necessarily different from T, H represents a 
multiplicatively written semigroup generated by element h, with a discrete exponentiation of a 
base h as a one-way function in the semigroup H; 

and 

[calculating] k_pub = h^f(d) ∈ H, element π(k_pub^f(t)) ∈ G, where π : H → G specifies a mapping of the 
semigroup H into a group G, d = k_priv ∈ T is the private key which is accessible only to the 
proving unit, and a mapping t → h^f(t) → π(k^f(t)) from the subrange of the integers T to the group 
G represents a one-way function; and 

encrypt[ing] the at least one data element, z, by a combination with respect to the encrypted 
data element, z' = z ∘ π(k_pub^f(t)) ∈ G (see US '755: column 1, lines 40 - 50, column 11, lines 68 - 
column 12, lines 1 - 9: where it is obvious that if the GF(2^n) computations are implored then 
instance arithmetic calculations are relied upon). 

For claims 9 and 17, it would be obvious to one of ordinary skill in the art at the time of 
the invention to modify the methods of Hopkins and Miyaji et al. as they both use features of 
secure data communication within the same field of endeavor (communicating data between 
authorized parties) and with the same problem sought to be solved (protecting information 
against unauthorized access). 

Regarding claims 10 and 18, Miyaji et al. in view of Hopkins teaches as a method 
according to claim 9, which further comprises during the step d), in addition to the encrypted 
data element, using the verifying unit to communicate the element h^f(t) ∈ H to the proving unit 
(see US '918: column 3, lines 26 - 27). 

As for claims 11 and 19, US '918 teaches: 
performing the first cryptographic decryption method, 

using the proving unit to calculate the element and inverse element (see US '918: column 3, 
lines 25 -30) and 
using the proving unit to decrypt the encrypted data element (see US '918: column 3, lines 27 - 
28) 

but does not disclose: 

[calculating] k_pub^f(t) ∈ H using function f, the element h^f(t) ∈ H and the private key d known only to 
the proving unit; or 

[calculating] an inverse element π'(k_pub^f(t)) ∈ G with respect to element π(k_pub^f(t)) ∈ G; and 
[decrypting] the encrypted data element by a combination of the encrypted data element with 
inverse element: z = z' ∘ π'(k_pub^f(t)), where the first cryptographic decryption method is based on 
the same mappings f, π and the same combination ∘ as the first cryptographic encryption 
method. 

Miyaji et al. however does show 
[calculating] k_pub^f(t) ∈ H using function f, the element h^f(t) ∈ H and the private key d known only to 
the proving unit; or 

[calculating] an inverse element π'(k_pub^f(t)) ∈ G with respect to element π(k_pub^f(t)) ∈ G; and 
[decrypting] the encrypted data element by a combination of the encrypted data element with 
inverse element: z = z' ∘ π'(k_pub^f(t)), where the first cryptographic decryption method is based on 
the same mappings f, π and the same combination ∘ as the first cryptographic encryption 
method (see US '755: column 1, lines 40 - 50, column 11, lines 68 - column 12, lines 1 - 9). 

For claims 11 and 19, it would be obvious to one of ordinary skill in the art at the time of 
the invention to modify the methods of Hopkins and Miyaji et al. as they both use features of 
secure data communication within the same field of endeavor (communicating data between 
authorized parties) and with the same problem sought to be solved (authenticating information 
between authorized parties). 
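
The exchange recited in claim 1, steps b) - i), with the encryption and decryption recited for claims 9 - 11, as an added example that is not part of this Office action, the application, or either cited patent. It assumes a toy instantiation: H = G = the integers modulo a prime p under multiplication, f and π are identity mappings, the combination ∘ is multiplication mod p, and the authenticator of step f) is HMAC-SHA256 keyed with the data element z; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumed toy parameters (not from the Office action): a 127-bit Mersenne prime
# and base h = 3. Far too small for real use; chosen so the example runs offline.
P = 2**127 - 1
H_BASE = 3

def keygen():
    """Proving unit: private key d = k_priv and public key k_pub = h^d."""
    d = secrets.randbelow(P - 2) + 1
    return d, pow(H_BASE, d, P)

def verifier_challenge(k_pub):
    """Steps b) - d): generate data element z and encrypt it under k_pub."""
    z = secrets.randbelow(P - 1) + 1           # data element, 1 <= z <= P-1
    t = secrets.randbelow(P - 2) + 1           # the number t
    h_t = pow(H_BASE, t, P)                    # h^t, sent with z' (claims 10, 18)
    z_enc = (z * pow(k_pub, t, P)) % P         # z' = z * k_pub^t
    return z, (h_t, z_enc)

def prover_decrypt(d, challenge):
    """Step e): recompute k_pub^t as (h^t)^d and combine z' with its inverse."""
    h_t, z_enc = challenge
    shared = pow(h_t, d, P)
    return (z_enc * pow(shared, -1, P)) % P    # z = z' * (k_pub^t)^-1

def authenticator(z, data_set):
    """Step f): authenticator over the data set, dependent on z (HMAC assumed)."""
    return hmac.new(z.to_bytes(16, "big"), data_set, hashlib.sha256).digest()

def verifier_check(z, data_set, tag):
    """Steps h) - i), in the claim 4 form: recompute a reference authenticator
    from z and the data set and compare it with the one received."""
    return hmac.compare_digest(authenticator(z, data_set), tag)

def run_protocol(data_at_prover, data_at_verifier, prover_key=None):
    """One full run; prover_key overrides d to model a unit without k_priv."""
    d, k_pub = keygen()
    z, challenge = verifier_challenge(k_pub)                     # verifier side
    z_prover = prover_decrypt(d if prover_key is None else prover_key, challenge)
    tag = authenticator(z_prover, data_at_prover)                # steps f), g)
    return verifier_check(z, data_at_verifier, tag)              # steps h), i)

if __name__ == "__main__":
    print(run_protocol(b"constructed data set", b"constructed data set"))  # accepted
    print(run_protocol(b"constructed data set", b"altered data set"))      # rejected
    print(run_protocol(b"constructed data set", b"constructed data set", prover_key=12345))
```

The check fails both when the data set differs between the units and when the proving unit cannot recover z, which is why acceptance in step i) depends on possession of the private key.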

Regarding claims 12 and 20, US '918 discloses: 
performing the second cryptographic method, using the proving unit to calculate, using the 
proving unit to transform the data set (see US '918: column 3, lines 25 - 30) 
but does not teach 

[calculating] from at least one unencrypted data element z, an element g_1 = π_1(z) ∈ G_1 and an 
element g_2 = π_2(z) ∈ G_2, where G_1 and G_2 represent groups where G_1 ⊂ G_2 and π_1 : G → 
G_1 and π_2 : G → G_2 represent functions which map elements of the group G onto the groups G_1 
or G_2; 

[transforming] the data set to be authenticated m, to form an element g' = (g_1 * m) with a group 
combination * in G_1; and 

[calculating] D, by D = inj(g') • g_2 with the group combination • in G_2, where the mapping inj : G_1 
→ G_2 maps elements from G_1 injectively into G_2. 

Miyaji et al. however does show 
[calculating] from the at least one unencrypted data element z, an element g_1 = π_1(z) ∈ G_1 and 
an element g_2 = π_2(z) ∈ G_2, where G_1 and G_2 represent groups where G_1 ⊂ G_2 and π_1 : G 
→ G_1 and π_2 : G → G_2 represent functions which map elements of the group G onto the groups 
G_1 or G_2; 

[transforming] the data set to be authenticated m, to form an element g' = (g_1 * m) with a group 
combination * in G_1; and 

[calculating] D, by D = inj(g') • g_2 with the group combination • in G_2, where the mapping inj : G_1 
→ G_2 maps elements from G_1 injectively into G_2 (see US '755: column 1, lines 40 - 50, column 
11, lines 68 - column 12, lines 1 - 9). 

For claims 12 and 20, it would be obvious to one of ordinary skill in the art at the time of 
the invention to modify the methods of Hopkins and Miyaji et al. as they both use features of 
secure data communication within the same field of endeavor (communicating data between 
authorized parties) and with the same problem sought to be solved (protecting information 
against unauthorized access). 

Conclusion 

9. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. Park et al in US Patent No. 5966445 discloses ideas parallel to applicant's claimed 
invention. 

10. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as 
set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing date 
of this final action. 

11. Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Laurel Lashley whose telephone number is 571-272-0693. The examiner 
can normally be reached on Monday - Thursday, alt Fridays btw 7:30 am & 5 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, Jr. can be reached on 571-272-3799. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
Laurel Lashley 